what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 179 RSS Feed

Files

OrangeHRM 3.3.1 Unauthorized Data Manipulation
Posted Sep 28, 2015
Authored by vishnu raju

OrangeHRM versions 3.3.1 and below suffer from an unauthorized data manipulation vulnerability.

tags | advisory
SHA-256 | 1f29e60d43418bbd4fba574abac4e07b014ed91d412c75eedb2deb6a5aa41d16
HP Security Bulletin HPSBHF03513
Posted Sep 28, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03513 - Potential security vulnerabilities have been identified with certain HP PCs and workstations with Windows and Linux running the NVidia Graphics Driver. The vulnerabilities could be locally exploited resulting in Denial of Service (DoS) and elevation of privilege. Note: This issue is present on Windows and Linux operating systems and affects all currently supported NVIDIA driver releases and all GPUs. This issue does not affect Android based NVIDIA Tegra products. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | linux, windows
advisories | CVE-2015-5950
SHA-256 | ec26c4604b9de2314879b4fe75f99245c83a0fb1824494b34d2637127bf7aa05
Debian Security Advisory 3368-1
Posted Sep 26, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3368-1 - It was discovered that cyrus-sasl2, a library implementing the Simple Authentication and Security Layer, does not properly handle certain invalid password salts. A remote attacker can take advantage of this flaw to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2013-4122
SHA-256 | fb30de4dfb472107cab21da532594e838feefffc940985cd87decc7dbaf7fbc4
Gentoo Linux Security Advisory 201509-07
Posted Sep 26, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201509-7 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 11.2.202.521 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2015-5567, CVE-2015-5568, CVE-2015-5570, CVE-2015-5571, CVE-2015-5572, CVE-2015-5573, CVE-2015-5574, CVE-2015-5575, CVE-2015-5576, CVE-2015-5577, CVE-2015-5578, CVE-2015-5579, CVE-2015-5580, CVE-2015-5581, CVE-2015-5582, CVE-2015-5584, CVE-2015-5587, CVE-2015-5588, CVE-2015-6676, CVE-2015-6677, CVE-2015-6678, CVE-2015-6679, CVE-2015-6680, CVE-2015-6681, CVE-2015-6682
SHA-256 | 94d0e02348fcb5f061e23d159a5edf9376fdacd6815e90a1760a26e2e16eef18
Ubuntu Security Notice USN-2746-2
Posted Sep 26, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2746-2 - USN-2746-1 fixed a vulnerability in Simple Streams. The update caused a regression preventing MAAS from downloading PXE images. This update fixes the problem. It was discovered that Simple Streams did not properly perform gpg verification in some situations. A remote attacker could use this to perform a man-in-the-middle attack and inject malicious content into the stream. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
SHA-256 | 7b09a0d72f7034d833f88eb6791490c832b585167b9f3d5c9d54469a9097fe5c
Apache Cordova Android File Transfer Plugin 1.2.1 Header Injection
Posted Sep 25, 2015
Authored by Muneaki Nishimura

Apache Cordova Android File Transfer plugin versions 1.2.1 and below suffer from an HTTP header injection vulnerability.

tags | advisory, web
advisories | CVE-2015-5204
SHA-256 | 1c678a1c4f57462b9c536f091f42eac61d776820a65cd8bd687da721e960449a
Ubuntu Security Notice USN-2745-1
Posted Sep 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2745-1 - Lian Yihan discovered that QEMU incorrectly handled certain payload messages in the VNC display driver. A malicious guest could use this issue to cause the QEMU process to hang, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Qinghao Tang discovered that QEMU incorrectly handled receiving certain packets in the NE2000 network driver. A malicious guest could use this issue to cause the QEMU process to hang, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-5239, CVE-2015-5278, CVE-2015-5279, CVE-2015-6815, CVE-2015-6855
SHA-256 | 10d84d56be340b435ae90a54578f4d46671992f41d69ef51bbda5a96fc7195c1
Gentoo Linux Security Advisory 201509-06
Posted Sep 25, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201509-6 - An attacker could execute arbitrary commands via Git repositories in a case-insensitive or case-normalizing filesystem. Versions less than 2.0.5 are affected.

tags | advisory, arbitrary
systems | linux, gentoo
advisories | CVE-2014-9390
SHA-256 | f5c875abddf16229107d11e985b0b6283b6e21ef181d91bc716e8c756b6d3cba
Gentoo Linux Security Advisory 201509-05
Posted Sep 25, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201509-5 - Improper handling of Router Advertisements in NetworkManager could cause a Denial of Service condition in IPv6 network stacks. Versions less than 1.0.2 are affected.

tags | advisory, denial of service
systems | linux, gentoo
advisories | CVE-2015-2924
SHA-256 | 9ea586c90a77433be74d0183681c6a777f13a7219f8a16e512c2ebc1c4f2b69d
Gentoo Linux Security Advisory 201509-04
Posted Sep 25, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201509-4 - Multiple vulnerabilities have been found in libtasn1, the worst of which could lead to arbitrary code execution. Versions less than 1.4.5 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2015-2806, CVE-2015-3622
SHA-256 | 7409f641de00682e65c15ff139158d68c60b58fefecad508e0f36dd168033008
Gentoo Linux Security Advisory 201509-03
Posted Sep 25, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201509-3 - Multiple vulnerabilities have been found in Cacti, the worst of which could lead to arbitrary code execution. Versions less than 0.8.8d are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2014-2326, CVE-2014-2327, CVE-2014-2328, CVE-2014-2708, CVE-2014-2709, CVE-2014-4002, CVE-2014-5025, CVE-2014-5026, CVE-2015-2967
SHA-256 | 7a4f1dbc306cb7046c88c372fc9d48510bfe0a35ebb5b4a0471b6a480296dc83
Gentoo Linux Security Advisory 201509-02
Posted Sep 25, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201509-2 - Multiple vulnerabilities have been found in cURL, the worst of which can allow remote attackers to cause Denial of Service condition. Versions less than 7.43.0 are affected.

tags | advisory, remote, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2015-3143, CVE-2015-3144, CVE-2015-3145, CVE-2015-3148, CVE-2015-3236, CVE-2015-3237
SHA-256 | f5b5b9e3238bd4c9cdd7e927d7530352831a5a3d3d388eaff85cf3fbcee5d92e
Gentoo Linux Security Advisory 201509-01
Posted Sep 25, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201509-1 - Multiple vulnerabilities have been found in NTP, the worst of which could lead to arbitrary code execution. Versions less than 4.2.8_p3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2015-1798, CVE-2015-1799, CVE-2015-5146
SHA-256 | 655635fa6995896fdb8eeaae23aa01b3be957c61de9b5732755b0250e88c45ed
Ubuntu Security Notice USN-2746-1
Posted Sep 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2746-1 - It was discovered that Simple Streams did not properly perform gpg verification in some situations. A remote attacker could use this to perform a man-in-the-middle attack and inject malicious content into the stream.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2015-1337
SHA-256 | 48fb30d17da30955a2d3d15555d69d08f3c8dc61ae3a3794395df8798e23d3f1
Red Hat Security Advisory 2015-1834-02
Posted Sep 25, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1834-02 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. Two information leak flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to disclose sensitive information or, in certain cases, crash.

tags | advisory, web, arbitrary
systems | linux, redhat
advisories | CVE-2015-4500, CVE-2015-4506, CVE-2015-4509, CVE-2015-4511, CVE-2015-4517, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | b4094aaec45328ec88bd778806c0553e4b43fcf067ab45f0f86192283435c8f9
Debian Security Advisory 3367-1
Posted Sep 25, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3367-1 - Multiple vulnerabilities were discovered in the dissectors/parsers for ZigBee, GSM RLC/MAC, WaveAgent, ptvcursor, OpenFlow, WCCP and in internal functions which could result in denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, debian
advisories | CVE-2015-6241, CVE-2015-6242, CVE-2015-6243, CVE-2015-6244, CVE-2015-6245, CVE-2015-6246, CVE-2015-6247, CVE-2015-6248, CVE-2015-6249
SHA-256 | e50e19d610e227017d0193e73b3efddd4ee08aa437c684c64dfbd872faa698d1
Ubuntu Security Notice USN-2743-3
Posted Sep 25, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2743-3 - USN-2743-1 fixed vulnerabilities in Firefox. Future Firefox updates will require all addons be signed and unity-firefox-extension, webapps-greasemonkey and webaccounts-browser-extension will not go through the signing process. Because these addons currently break search engine installations (LP: #1069793), this update permanently disables the addons by removing them from the system. We apologize for any inconvenience. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2015-4502, CVE-2015-4504, CVE-2015-4506, CVE-2015-4507, CVE-2015-4508, CVE-2015-4509, CVE-2015-4510, CVE-2015-4512, CVE-2015-4516, CVE-2015-4519, CVE-2015-4520, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | 564fc19466fc9d259864b3e1262550162910ed750aeccda7e3fcc69fab9bd8b9
BMC Remedy AR 8.1 / 9.0 File Inclusion
Posted Sep 24, 2015
Authored by Stephan Tigges

A file inclusion vulnerability in "BIRT Viewer" servlet used in BMC Remedy AR Reporting has been discovered. Versions 8.1 and 9.0 are affected.

tags | advisory, file inclusion
advisories | CVE-2015-5071
SHA-256 | 257cc0fd068f03a307cbab920950a5dbba966d365015b81a1f67198b1529af6a
Red Hat Security Advisory 2015-1837-01
Posted Sep 24, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1837-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vnc_refresh_server_surface() routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process instance, or to potentially use it to execute arbitrary code on the host.

tags | advisory, overflow, arbitrary
systems | linux, redhat
advisories | CVE-2015-5225
SHA-256 | 25a986a69f69dfb4207b40a2147c13f035bbe0b10e30563935730b794dd67a88
Ubuntu Security Notice USN-2744-1
Posted Sep 24, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2744-1 - Halfdog discovered that Apport incorrectly handled kernel crash dump files. A local attacker could use this issue to cause a denial of service, or possibly elevate privileges. The default symlink protections for affected releases should reduce the vulnerability to a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2015-1338
SHA-256 | dee7f3fa2888859a2f779bee89c68c507cea1c1a90dff31a934e31fb62b1d8a9
Debian Security Advisory 3366-1
Posted Sep 24, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3366-1 - A remotely triggerable use-after-free vulnerability was found in rpcbind, a server that converts RPC program numbers into universal addresses. A remote attacker can take advantage of this flaw to mount a denial of service (rpcbind crash).

tags | advisory, remote, denial of service
systems | linux, debian
advisories | CVE-2015-7236
SHA-256 | 98be0a92a93f054d0e77b6763c292f565ae1d55068b02c508f3de091e937e53d
BMC Remedy AR 8.1 / 9.0 File Inclusion
Posted Sep 24, 2015
Authored by Stephan Tigges

A file inclusion vulnerability in the "BIRT Engine" servlet used in BMC Remedy AR Reporting has been discovered. Versions 8.1 and 9.0 are affected.

tags | advisory, file inclusion
advisories | CVE-2015-5072
SHA-256 | d1c67acf2296b14667db65143804438a4df4fc202748bde4c1b51d8b462144c0
Debian Security Advisory 3365-1
Posted Sep 24, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3365-1 - Multiple security issues have been found in Iceweasel, Debian's version integer overflows, buffer overflows, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure or denial of service.

tags | advisory, denial of service, overflow, arbitrary, info disclosure
systems | linux, debian
advisories | CVE-2015-4500, CVE-2015-4506, CVE-2015-4509, CVE-2015-4511, CVE-2015-4517, CVE-2015-4519, CVE-2015-4520, CVE-2015-4521, CVE-2015-4522, CVE-2015-7174, CVE-2015-7175, CVE-2015-7176, CVE-2015-7177, CVE-2015-7180
SHA-256 | 9f06181535993a2ed1465714f151805630edd6d8b335d381b49719f716301fdc
RSA Archer GRC 5.5.3 XSS / Improper Authorization / Information Disclosure
Posted Sep 24, 2015
Site emc.com

RSA Archer GRC version 5.5.3 suffers from cross site scripting, improper authorization, and information disclosure vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure
advisories | CVE-2015-4541, CVE-2015-4542, CVE-2015-4543
SHA-256 | c54811b8c5daa0f2f91c5eb39b919b6ddcb97837b722c57d324f1fd49df6558d
Cisco Security Advisory 20150923-iosxe
Posted Sep 24, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the processing of IPv4 packets that require Network Address Translation (NAT) and Multiprotocol Label Switching (MPLS) services of Cisco IOS XE Software for Cisco ASR 1000 Series, Cisco ISR 4300 Series, Cisco ISR 4400 Series, and Cisco Cloud Services 1000v Series Routers could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper processing of IPv4 packets that require NAT and MPLS processing. An attacker could exploit this vulnerability by sending an IPv4 packet to be processed by a Cisco IOS XE device configured to perform NAT and MPLS services. A successful exploit could allow the attacker to cause a reload of the affected device. Cisco has released software updates that address these vulnerabilities. There are no workarounds to mitigate this vulnerability.

tags | advisory, remote, vulnerability
systems | cisco, osx
SHA-256 | 426911a2340b77ce46c2ba99fd3f3b7030de0d1d02a5d5585ee5a5138cc0f294
Page 2 of 8
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close